public inbox for [email protected]  
help / color / mirror / Atom feed
From: Andrew Kane <[email protected]>
To: Devrim Gündüz <[email protected]>
Cc: Noah Misch <[email protected]>
Cc: [email protected]
Cc: [email protected]
Subject: Re: /support/security scope += pgvector
Date: Thu, 26 Mar 2026 13:32:13 -0700
Message-ID: <CAOdR5yFoEM+72CE1w9RiD7E6_C0ngiRX=B6xysc0=L_vxEW4rQ@mail.gmail.com> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
	<[email protected]>

Thanks Noah and Devrim.

I think it'd be good to include reporting instructions as well like pgAdmin
(possible patch attached).

- Andrew


Attachments:

  [application/octet-stream] 0001-Add-instructions-for-reporting-security-vulnerabilit.patch (1.1K, ../CAOdR5yFoEM+72CE1w9RiD7E6_C0ngiRX=B6xysc0=L_vxEW4rQ@mail.gmail.com/3-0001-Add-instructions-for-reporting-security-vulnerabilit.patch)
  download | inline diff:
From 490be0f798fc74ad1ad18e27e125b05d6baa4bc2 Mon Sep 17 00:00:00 2001
From: Andrew Kane <[email protected]>
Date: Thu, 26 Mar 2026 13:19:50 -0700
Subject: [PATCH] Add instructions for reporting security vulnerabilities in
 pgvector

---
 templates/security/security.html | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/templates/security/security.html b/templates/security/security.html
index 287350c7..b8930ecb 100644
--- a/templates/security/security.html
+++ b/templates/security/security.html
@@ -132,6 +132,10 @@
     For security vulnerabilities in <a href="https://www.pgadmin.org/">pgAdmin</a>,
     please email <a href="mailto:[email protected]">[email protected]</a>.
   </li>
+  <li>
+    For security vulnerabilities in <a href="https://github.com/pgvector/pgvector/">pgvector</a>,
+    please email <a href="mailto:[email protected]">[email protected]</a>.
+  </li>
   <li>
     If you wish to report a security vulnerability for any other open source project in
     the PostgreSQL ecosystem (e.g. a driver, an extension, or an installer) and
-- 
2.52.0



view thread (5+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected], [email protected]
  Subject: Re: /support/security scope += pgvector
  In-Reply-To: <CAOdR5yFoEM+72CE1w9RiD7E6_C0ngiRX=B6xysc0=L_vxEW4rQ@mail.gmail.com>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox